Help Net Security

Don't miss:

What makes a good security analyst: The character traits you need

Organizations award hackers up to $900,000 a year in bug bounties

Explosive global attack delivers destructive Petya ransomware

Hot stuff

analyst

What makes a good security analyst: The character traits you need

Of all the skillsets IT decision-makers are looking to hire for, cybersecurity is easily the most challenging. According to Global Knowledge’s 10th annual IT Skills and Salary Survey, 31% of IT decision-makers have a difficult time finding qualified cybersecurity talent. And when it comes to hiring a security analyst, the challenge goes beyond …

danger

With ransomware, pay up if you want to keep paying

A hospital CEO is contacted in the middle of the night with a dire warning. Hackers have taken control of computer systems used for patient care, CT scans, and lab work. The hacker wants money. Rather than pay the ransom, the hospital CEO enlists several experts to try to break back into the system. It fails. Time is wasted, and the CEO has a …

password

Password Reset MITM: Exposing the need for better security choices

Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites and messaging mobile applications, researchers have demonstrated. The Password Reset MITM attack The Password Reset Man in the Middle (PRMITM) attack exploits the …

lock

Businesses finally realize that cyber defenses must evolve

Cybersecurity is finally getting the attention it deserves – it is only regrettable that this good news is the result of bad news: more numerous, complex, and damaging cyber attacks than ever before. Cybersecurity takes a step forward “The WannaCry ransomware attacks have recently made the headlines around the world. This attack …

lock

Spotlight

Businesses finally realize that cyber defenses must evolve

money

Organizations award hackers up to $900,000 a year in bug bounties

A new HackerOne report examines over 800 hacker-powered programs from organizations including …

Magazine 54

(IN)SECURE Magazine issue 54 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest …

face

Organizations are intimidated by global privacy and data security regulations

Anthem

Anthem ready to pay $115 million to settle data breach lawsuit

Expert corner

What makes a good security analyst: The character traits you need

Anton Goncharov CTO at Gemini Data

What makes a good security analyst: The character traits you need

With ransomware, pay up if you want to keep paying

Carl Herberger VP of Security at Radware

With ransomware, pay up if you want to keep paying

Security startup confessions: Attending industry events

Kai Roer CEO of CLTRe

Security startup confessions: Attending industry events

DLP APIs: The next frontier for Data Loss Prevention

Roman Foeckl CEO at CoSoSys

DLP APIs: The next frontier for Data Loss Prevention

Where does the cyber security buck stop?

Corey Nachreiner CTO at WatchGuard Technologies

Where does the cyber security buck stop?

How to build a better SOC team

Reggie Best Chief Product Officer at Lumeta

How to build a better SOC team

Breaking TLS: Good or bad for security?

Todd O'Boyle CTO at Strongarm

Breaking TLS: Good or bad for security?

WannaCry is a painful reminder of why enterprises must stay current on software updates

Sumir Karayi CEO at 1E

WannaCry is a painful reminder of why enterprises must stay current on software updates

WannaCry: Smaller businesses are at great risk

Andrew Stuart Managing Director EMEA at Datto

WannaCry: Smaller businesses are at great risk

Who are we kidding? WannaCry is not a first

Limor Kessem Executive Security Advisor at IBM

Who are we kidding? WannaCry is not a first

Ready, set, race to the IoT hub

Geoff Webb VP Solution Strategy for Micro Focus

Ready, set, race to the IoT hub

A guide on how to prevent ransomware

Stephen Rouine Cyber Risk and Cloud Security Consultant at BH Consulting

A guide on how to prevent ransomware

What's New

phishing

Criminalization of DNS for phishing continues to advance

Cybercriminals have been shifting their tactics markedly, by registering more and more domain names, rather using web servers and domains they have hacked into. These “malicious domain registrations” accounted for half of all the domain names …

money

Organizations award hackers up to $900,000 a year in bug bounties

A new HackerOne report examines over 800 hacker-powered programs from organizations including Airbnb, GitHub, General Motors, Intel, Lufthansa, Nintendo, U.S. Department of Defense, Uber, and more. Findings are based on nearly 50,000 resolved …

analyst

What makes a good security analyst: The character traits you need

Of all the skillsets IT decision-makers are looking to hire for, cybersecurity is easily the most challenging. According to Global Knowledge’s 10th annual IT Skills and Salary Survey, 31% of IT decision-makers have a difficult time finding …

scalable

Making enterprise content management secure and scalable

Content is one of the most valuable commodities that any business owns. It’s the key driver of customer interactions, the foundation of core business processes, and it helps shape senior-level decision-making. Yet enterprises are clearly …

hole

Google researcher uncovers another RCE in Microsoft Malware Protection Engine

Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which powers a number of the company’s antivirus and antispyware …

Reviews

Review: Data Breach Preparation and Response

Review: Data Breach Preparation and Response

Review: The Internet of Risky Things

Review: The Internet of Risky Things

Review: DNS Security

Review: DNS Security

Review: iStorage diskAshur Pro SSD

Review: iStorage diskAshur Pro SSD

Review: The Basics of Cyber Safety

Review: The Basics of Cyber Safety

Review: IS Decisions UserLock

Review: IS Decisions UserLock

Review: Threat Forecasting

Review: Threat Forecasting

Review: FourV Systems GreySpark

Review: FourV Systems GreySpark

Review: Boxcryptor

Review: Boxcryptor

Review: Protecting Patient Information

Review: Protecting Patient Information

Review: iStorage datAshur Pro

Review: iStorage datAshur Pro

Review: Cyber Guerilla

Review: Cyber Guerilla

Don't miss

analyst

What makes a good security analyst: The character traits you need

money

Organizations award hackers up to $900,000 a year in bug bounties

Skull

Explosive global attack delivers destructive Petya ransomware

hole

Google researcher uncovers another RCE in Microsoft Malware Protection Engine

face

Organizations are intimidated by global privacy and data security regulations

DDoS

South Korean banks threatened with DDoS attacks unless they pay $315,000

Magazine 54

(IN)SECURE Magazine issue 54 released

scalable

Making enterprise content management secure and scalable

Linux

Cybersecurity battleground shifting to Linux and web servers

Telegram

Russia threatening to ban Telegram encrypted messaging app

Anthem

Anthem ready to pay $115 million to settle data breach lawsuit

Berlin

German law enforcement gets new hacking powers

Malware news

Explosive global attack delivers destructive Petya ransomware

Less than two months after the disastrous, global WannaCry infestation, a variant of the Petya ransomware dubbed PetrWrap has started hitting companies in Ukraine, Russia and Europe. Initial infections made it seem like Ukrainian companies and …

How the CIA gained access to air-gapped computers

Hackers extorted a cool $1 million from South Korean web hosting provider

Google’s whack-a-mole with Android adware continues

BAE Systems sold cyber-surveillance tools to autocratic regimes

Infosecurity Europe 2017

Crowdsourced security testing and bug bounties

In the past few years, the bug bounty economy has been growing steadily, with more organizations getting on board every day. In this podcast, Ilia Kolochenko, CEO at High-Tech Bridge, talks about crowdsourced security testing and bug bounties. …

InfoArmor: Operatively-sourced threat intelligence

Regional regulatory compliance trends: Strategies and implications

High-Tech Bridge ImmuniWeb named Best Emerging Technology

Bored employees seen as biggest potential data security risk